
class_user.php

00001 <?
00002 /*
00003  *   This file is part of PhpCompta.
00004  *
00005  *   PhpCompta is free software; you can redistribute it and/or modify
00006  *   it under the terms of the GNU General Public License as published by
00007  *   the Free Software Foundation; either version 2 of the License, or
00008  *   (at your option) any later version.
00009  *
00010  *   PhpCompta is distributed in the hope that it will be useful,
00011  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
00012  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00013  *   GNU General Public License for more details.
00014  *
00015  *   You should have received a copy of the GNU General Public License
00016  *   along with PhpCompta; if not, write to the Free Software
00017  *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
00018 */
00019 /* $Revision: 1.20 $ */
00020 // Copyright Author Dany De Bontridder ddebontridder@yahoo.fr
00031 include_once("constant.php");
00032 
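/**
 * PhpCompta user: identity, authentication state, access rights and
 * per-user preferences, backed by the ac_users, user_sec_jrn, user_sec_act,
 * user_local_pref and user_global_pref tables.
 *
 * Every value that reaches SQL is either bound as a query parameter
 * (pg_query_params) or quoted with pg_escape_literal / cast with intval
 * before being passed to the ExecSql / CountSql helpers, which only accept
 * a finished SQL string.
 *
 * NOTE(review): the clear-text password is kept in $_SESSION['g_pass'] and
 * compared as an unsalted MD5 digest. The stored hash format cannot be
 * changed from this class alone; migrating to password_hash() /
 * password_verify() needs a schema and login-flow change.
 */
class cl_user {
  var $id;          // login name (session user) or numeric use_id (lookup by id)
  var $pass;        // clear-text password taken from the session
  var $db;          // connection handed to the constructor
  var $admin;       // 1 when the user is an administrator
  var $valid;       // 1 once the credentials have been verified
  // Previously created on the fly; declared so they are not dynamic properties.
  var $theme;
  var $name;
  var $first_name;
  var $active;
  var $login;

  /**
   * Forwards to the historical constructor. PHP 8 no longer treats a method
   * named like the class as a constructor, so without this the object would
   * be created uninitialised there.
   */
  function __construct($p_cn,$p_id=-1) {
    $this->cl_user($p_cn,$p_id);
  }

  /**
   * Build the user either from the session (default) or from ac_users.
   *
   * @param $p_cn database connection stored in $this->db
   * @param $p_id -1 for the connected user, otherwise the use_id to load
   * @return -1 when $p_id matches no row (only observable when this is
   *         called as a plain method)
   */
  function cl_user ($p_cn,$p_id=-1){
    $this->db=$p_cn;

    // if p_id is not set then use the connected user
    if ( $p_id == -1 ) {
      echo_debug('class_user.php',__LINE__," g_user = ".$_SESSION['g_user']);
      $this->id=$_SESSION['g_user'];
      $this->pass=$_SESSION['g_pass'];
      $this->valid=(isset ($_SESSION['isValid']))?1:0;
      if ( isset($_SESSION['g_theme']) )
        $this->theme=$_SESSION['g_theme'];

      $this->admin=( isset($_SESSION['use_admin']) )?$_SESSION['use_admin']:0;

      if ( isset($_SESSION['use_name']) )
        $this->name=$_SESSION['use_name'];
      if ( isset($_SESSION['use_first_name']) )
        $this->first_name=$_SESSION['use_first_name'];
      return;
    }

    // p_id is set: load the data of another user
    $this->id=$p_id;
    // The column list used to end with a stray comma before "from", which
    // made the statement invalid; the id is now bound instead of inlined.
    $Sql='select use_first_name,
             use_name,
             use_login,
             use_active,
             use_admin
             from ac_users
             where use_id=$1';
    $cn=DbConnect();
    $Res=pg_query_params($cn,$Sql,array($p_id));
    if ( $Res === false || pg_num_rows($Res) == 0 ) return -1;
    $row=pg_fetch_array($Res,0);
    $this->first_name=$row['use_first_name'];
    $this->name=$row['use_name'];
    $this->active=$row['use_active'];
    $this->login=$row['use_login'];
    $this->admin=$row['use_admin'];
  }

  /**
   * Verify the login/password pair against ac_users.
   *
   * On success the admin flag and names are copied into the session and the
   * object, the global preferences are loaded and the object is marked valid.
   * On failure an error page is printed, the session is cleared and the
   * script exits.
   *
   * @return nothing when already validated, otherwise the query result
   */
  function Check()
  {
    if ( $this->valid == 1 ) { return; }

    $res=0;
    $ret=false;
    $cn=DbConnect();
    if ( $cn != false ) {
      // Login and digest are bound parameters: the login is attacker
      // supplied at this point, and the logged statement no longer
      // contains the password digest.
      $sql='select ac_users.use_login,ac_users.use_active, ac_users.use_pass,
                    use_admin,use_first_name,use_name
                from ac_users
                where ac_users.use_login=$1
                  and ac_users.use_active=1
                  and ac_users.use_pass=$2';
      echo_debug('class_user.php',__LINE__,"Sql = $sql");
      $ret=pg_query_params($cn,$sql,
                           array((string)$this->id,md5((string)$this->pass)));
      // A failed query counts as "no matching user".
      $res=( $ret === false )?0:pg_num_rows($ret);
      echo_debug('class_user.php',__LINE__,"Number of found rows : $res");
      if ( $res >0 ) {
        $r=pg_fetch_array($ret,0);
        $_SESSION['use_admin']=$r['use_admin'];
        $_SESSION['use_name']=$r['use_name'];
        $_SESSION['use_first_name']=$r['use_first_name'];

        $this->admin=$_SESSION['use_admin'];
        $this->name=$_SESSION['use_name'];
        $this->first_name=$_SESSION['use_first_name'];
        $this->GetGlobalPref();
      }
    }

    if ( $res == 0  ) {
      echo '<META HTTP-EQUIV="REFRESH" content="4;url=index.html">';
      echo "<BR><BR><BR><BR><BR><BR>";
      echo "<P ALIGN=center><BLINK>
                        <FONT size=+12 COLOR=RED>
                        Invalid user <BR> or<BR> Invalid password 
                        </FONT></BLINK></P></BODY></HTML>";
      session_unset();

      // "exit -1" parsed as (exit) - 1; state the intended status explicitly.
      exit(-1);
    }

    $this->valid=1;
    return $ret;
  }

  /** Placeholder, not implemented. */
  function getJrn() {
  }

  /**
   * Refresh and return the administrator flag.
   *
   * NOTE(review): the login 'phpcompta' is treated as administrator without
   * a database lookup; that relies on Check() having authenticated the
   * session first.
   *
   * @return 1 for an administrator, otherwise the row count from CountSql
   */
  function Admin() {
    // Strict string comparison: with "!=" an integer id of 0 compared equal
    // to 'phpcompta' on PHP versions before 8 and was granted admin rights.
    if ( (string)$this->id === 'phpcompta' ) {
      $this->admin=1;
      return $this->admin;
    }

    $cn=DbConnect();
    $pass5=md5((string)$this->pass);
    $sql="select use_id from ac_users where use_login=".
      pg_escape_literal($cn,(string)$this->id).
      " and use_active=1 and use_admin=1 and use_pass='".$pass5."'";

    $this->admin=CountSql($cn,$sql);
    return $this->admin;
  }

  /**
   * Tell whether the user may read or write a journal.
   *
   * @param $p_cn database connection
   * @param $p_jrn_id journal id
   * @return true for administrators and for users holding an 'R' or 'W'
   *         row in user_sec_jrn, false otherwise
   */
  function AccessJrn($p_cn,$p_jrn_id) {
    $this->Admin();
    if ( $this->admin==1) return true;
    $count=CountSql($p_cn,"select uj_id
                             from user_sec_jrn
                             where
                             uj_priv in ('R','W')
                             and uj_jrn_id=".intval($p_jrn_id).
                    "  and uj_login = ".pg_escape_literal($p_cn,(string)$this->id));
    return ( $count != 0 );
  }

  /**
   * Store the user's current periode in user_local_pref.
   *
   * @param $p_periode periode id to store
   */
  function SetPeriode($p_periode) {
    $sql="update user_local_pref set parameter_value=".
      pg_escape_literal($this->db,(string)$p_periode).
      " where user_id=".pg_escape_literal($this->db,(string)$this->id).
      " and parameter_type='PERIODE'";
    ExecSql($this->db,$sql);
  }

  /**
   * @return the 'PERIODE' entry of the user's local preferences
   */
  function GetPeriode() {
    $array=$this->GetPreferences();
    return $array['PERIODE'];
  }

  /**
   * Load the user's local preferences, creating the default periode entry
   * first when the user has none.
   *
   * @return array parameter_type => parameter_value
   */
  function GetPreferences ()
  {
    $user=pg_escape_literal($this->db,(string)$this->id);
    $Res=ExecSql($this->db,"select parameter_type,parameter_value from user_local_pref where user_id=".$user);
    $Max=pg_num_rows($Res);
    if ( $Max == 0 ) {
      // no preference yet: create the default periode, then read again
      $sql="insert into user_local_pref (user_id,parameter_value,parameter_type)
                 select ".$user.",min(p_id),'PERIODE' from parm_periode where p_closed=false";
      ExecSql($this->db,$sql);
      return $this->GetPreferences();
    }

    $l_array=array();
    for ( $i=0;$i < $Max;$i++) {
      // Row $i, not row 0: every iteration used to re-read the first row,
      // so only one preference ever reached the result.
      $row=pg_fetch_array($Res,$i);
      $type=$row['parameter_type'];
      $l_array[$type]=$row['parameter_value'];
    }
    return $l_array;
  }

  /**
   * Tell whether the user may perform an action.
   *
   * @param $p_cn database connection
   * @param $p_action_id action id
   * @return 1 when allowed (administrator or exactly one matching row),
   *         0 when no row matches; when several rows match an error is
   *         printed and nothing is returned
   */
  function CheckAction ( $p_cn,$p_action_id)
  {
    if ( $this->admin==1 ) return 1;

    $action=intval($p_action_id);
    $Res=ExecSql($p_cn,"select * from user_sec_act where ua_login=".
                 pg_escape_literal($p_cn,(string)$this->id).
                 " and ua_act_id=".$action);
    $Count=pg_num_rows($Res);
    if ( $Count == 0 ) return 0;
    if ( $Count == 1 ) return 1;
    // The message referenced an undefined $p_login and echoed the raw action
    // id into the page; show the real login, HTML-escaped, and the integer id.
    echo "<H2 class=\"error\"> Invalid action !!! $Count select * from user_sec_act where ua_login='".
      htmlspecialchars((string)$this->id,ENT_QUOTES).
      "' and ua_act_id=$action </H2>";
  }

  /**
   * Load the user's global preferences into the session (g_theme,
   * g_pagesize), inserting defaults for whatever is missing and reloading.
   */
  function GetGlobalPref()
  {
    echo_debug('class_user.php',__LINE__,"function GetGlobalPref");
    $cn=Dbconnect();
    // Load everything in an array
    $Res=ExecSql ($cn,"select parameter_type,parameter_value from
                  user_global_pref
                  where user_id=".pg_escape_literal($cn,(string)$this->id));
    $Max=pg_num_rows($Res);
    if (  $Max == 0 ) {
      $this->insert_default_global_pref();
      $this->GetGlobalPref();
      return;
    }
    // Load value into array
    $line=array();
    for ($i=0;$i<$Max;$i++) {
      $row=pg_fetch_array($Res,$i);
      $type=$row['parameter_type'];
      $line[$type]=$row['parameter_value'];
    }
    // save array into g_ variable
    $array_pref=array ('g_theme'=>'THEME','g_pagesize'=>'PAGESIZE');
    foreach ($array_pref as $name=>$parameter ) {
      if ( ! isset ($line[$parameter]) ) {
        // same (file, line, message) form as every other echo_debug call here
        echo_debug('class_user.php',__LINE__,"Missing pref : ".$parameter);
        $this->insert_default_global_pref($parameter);
        $this->GetGlobalPref();
        return;
      }
      $_SESSION[$name]=$line[$parameter];
    }
  }

  /**
   * Insert global preferences for the user.
   *
   * @param $p_type parameter type; empty to insert every default
   * @param $p_value value to store; empty to use the default of $p_type
   */
  function insert_default_global_pref($p_type="",$p_value="") {
    echo_debug('class_user.php',__LINE__,"function insert_default_global_pref");
    echo_debug('class_user.php',__LINE__,"parameter p_type $p_type p_value  $p_value");

    $default_parameter= array("THEME"=>"Light",
                              "PAGESIZE"=>"50");
    $cn=Dbconnect();
    // Placeholders receive literals already quoted by pg_escape_literal.
    $Sql="insert into user_global_pref(user_id,parameter_type,parameter_value)
                                values (%s,%s,%s)";
    $user=pg_escape_literal($cn,(string)$this->id);
    if ( $p_type == "" ) {
      foreach ( $default_parameter as $name=>$value) {
        $Insert=sprintf($Sql,$user,
                        pg_escape_literal($cn,$name),
                        pg_escape_literal($cn,$value));
        ExecSql($cn,$Insert);
      }
      return;
    }

    if ( $p_value == "" )
      // a type without a default is stored with an empty value
      $value=isset($default_parameter[$p_type])?$default_parameter[$p_type]:"";
    else
      $value=$p_value;
    $Insert=sprintf($Sql,$user,
                    pg_escape_literal($cn,(string)$p_type),
                    pg_escape_literal($cn,(string)$value));
    ExecSql($cn,$Insert);
  }

  /**
   * Update one global preference of the user.
   *
   * @param $p_type parameter type
   * @param $p_value new value; empty to reset to the default of $p_type
   */
  function update_global_pref($p_type,$p_value="") {
    $default_parameter= array("THEME"=>"Light",
                              "PAGESIZE"=>"50");
    $cn=Dbconnect();
    // Placeholders receive literals already quoted by pg_escape_literal.
    $Sql="update user_global_pref set parameter_value=%s
                        where parameter_type=%s and
                                user_id=%s";
    if ( $p_value == "" )
      $value=isset($default_parameter[$p_type])?$default_parameter[$p_type]:"";
    else
      $value=$p_value;
    $Update=sprintf($Sql,
                    pg_escape_literal($cn,(string)$value),
                    pg_escape_literal($cn,(string)$p_type),
                    pg_escape_literal($cn,(string)$this->id));
    ExecSql($cn,$Update);
  }

  /**
   * @return the p_exercice of the user's current periode
   */
  function getExercice()
  {
    // the stored periode is a text preference; force it to an integer
    $sql="select p_exercice from parm_periode where p_id=".intval($this->GetPeriode());
    $Ret=ExecSql($this->db,$sql);
    $r=pg_fetch_array($Ret,0);
    return $r['p_exercice'];
  }

  /**
   * Stop the script with an alert when the user may not perform the action.
   * A CheckAction result that compares equal to 0 (including its "several
   * rows" case, which returns nothing) denies access.
   *
   * @param $p_cn database connection
   * @param $p_action action id
   */
  function AccessRequest($p_cn,$p_action)
  {
    if ( $this->CheckAction($p_cn,$p_action)==0 )
      {
        echo "<script>";
        echo "alert ('Cette action ne vous est pas autorisée. Contactez votre responsable');";
        echo "</script>";
        exit(-1);
      }
  }
}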
00369 ?>